Many devices such as set-top boxes and mobile phones incorporate a System-on-Chip (SOC) to provide a computing platform upon which their operating system and/or applications can be run. A SOC can be a single chip that combines many aspects of a computer or electronic system, such as a processor, memory, and data interface. In some cases, SOCs can be more efficient than an assembly of separate general purpose hardware components, as SOCs can be configured to provide specific aspects or functionality needed by a particular device.
SOCs are generally manufactured by SOC vendors. SOC vendors often install keys and identity data on each SOC they produce. A SOC vendor can then provide the SOCs to device manufacturers, which then incorporate the SOCs into final device hardware.
A device manufacturer or other third party can obtain copies of the keys and identity data previously installed on the SOCs within each device by the SOC vendor. The device manufacturer or third party can use the copies of the keys and identity data to program, personalize, and/or encrypt data on each device that includes a SOC associated with the keys and identity data. By way of a non-limiting example, a mobile phone manufacturer can receive SOCs from a SOC Vendor, and incorporate those SOCs into mobile phones. The mobile phones can then be programmed or personalized using the keys and identity data installed on the SOC within each mobile phone, either at a device factory or after the mobile phones have been deployed in the field.
In some cases, a SOC vendor can maintain a list of the keys and identity data it installs on each SOC. The SOC vendor can then later provide the list of keys and identity data as a flat file to device manufacturers. However, the flat file often contains information about SOCs that are not relevant to individual device manufacturers. By way of a non-limiting example, a particular device manufacturer may have received a shipment of SOCs from the SOC vendor, but the flat file can contain information about the keys and identity data installed on all SOCs manufactured by the SOC vendor, not just the ones shipped to the device manufacturer.
Alternatively, the SOC vendor can capture and store copies of each key and identity data installed on every SOC, and then later provide copies of the keys and identity data for particular SOCs to a device manufacturer when those particular SOCs are provided to the device manufacturers. However, in these cases the SOC vendor may need to maintain copies of the keys and identity data until they are provided to a device manufacturer, which can lead to unwanted storage costs and/or liability issues if the storage fails and stored copies of the keys and identity data are lost or deleted.